Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2023-47368
CVE-2023-47368:
NixOS vulnerability analysis and mitigation
Overview
The vulnerability (CVE-2023-47368) affects Line version 13.6.1, specifically in the taketorinoyu application. The vulnerability involves the exposure of a channel access token that allows remote attackers to send malicious notifications to victims. The issue was disclosed on November 9, 2023 (NVD).
Technical details
The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N. The vulnerability is related to inadequate encryption strength (CWE-326) and involves the exposure of sensitive channel access tokens (NVD).
Impact
When exploited, this vulnerability allows remote attackers to send malicious notifications to victims through the compromised channel access token. This could lead to unauthorized message distribution and potential phishing attacks (NVD).
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management